This week Pulse Secure added a major new component to their VPN, EMM, and NAC platform by announcing support for SAML 2.0. This will allow them to extend their reach into cloud applications.
In case you’re not familiar with Pulse Secure, they were formed a year and a half ago when Juniper Networks sold their Junos Pulse VPN business to a private equity firm. Pulse Secure then acquired MobileSpaces, a startup EMM vendor that provided MDM for iOS and Android, as well as a brilliant and unique Android mobile app management solution. By combining a VPN with EMM, NAC policies can be based on device management status. Pulse Secure does this all with Pulse One, a SaaS offering that was announced last year at RSA.
With new SAML 2.0 support (called Cloud Secure), Pulse One will be able to use the same policy and management platform to also control access to cloud applications.
I met with David Goldschlag, Pulse’s SVP of strategy, and Kevin Sapp, VP of strategy, this week at RSA. They told me that Pulse’s goal is not to become a full service identity as a service (IDaaS) vendor, but rather that cloud SSO was the next logical component to tie everything together.
They envision that smaller customers with simpler use cases could use their offering for SSO directly into cloud apps (and remember the number of cloud apps that support SAML 2.0 has grown by leaps and bounds in the last year). However, more typically most customers will use it to integrate Pulse One with other more advanced IDaaS offerings, which usually support more advanced identity tasks like account provisioning. Similarly, customers can choose to use Pulse’s EMM or instead integrate Pulse One with AirWatch or MobileIron.
Also this week at RSA Pulse Secure announced a plan to integrate the Pulse SDK with SAP Fiori for mobile apps. The Pulse SDK allows apps to connect directly to their VPN, without the need to worry about managing the whole device or deploying a separate client. This is important for many use cases such as contractors, partners, or employees that don’t want to enroll their personal devices in MDM.
It’s true that all these mobility and identity features are mostly significant for Pulse Secure’s existing and future VPN customers, but what I like about them is how flexible and extensible everything is. They could be an easy first entrance into the world of EMM or cloud SSO, or they can act as connective tissue in more advanced deployments. This also shows that there are a lot of ways to get EMM and identity management.